Crypto Ransomware Hides in Ads

Crypto Ransomware Hides in Ads

18th Mar 11:37

Security researchers have warned that crypto ransomware has been found in adverts lurking on popular websites.

The FBI and the UK's National Crime Agency have issued warnings about a sudden spike in ransomware - a malware that typically encrypts data on a target computer and demands a ransom in exchange for the decryption key.

In a recent campaign, various security research teams discovered ransomware in ads served on news sites last weekend through a compromised online advertising network.

Researchers at security firm Trend Micro said the ransomware was being spread by the Angler exploit kit, which includes tools for cyber attackers to take advantage of vulnerabilities in browser plugin software such as Adobe Flash and Microsoft Silverlight.

Vice president for Europe at security firm RiskIQ, Ben Harknett, said: "Unfortunately, using malvertising as a method of covertly spreading malware is only growing in popularity.

"Recent research we carried out at RiskIQ revealed that malvertising jumped up over 300% year on year between 2014 and 2015 following a string of major publishing sites, such as Forbes.com, Huffington Post and the Daily Mail, being exploited by malvertising campaigns.

"We also found that the most common lure used in malvertisements in 2015 to date has been fake Flash updates, the same software that was exploited across the Yahoo ad network."